Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Oba1vkXkK87Fb17Xwdo5Hcim0qk.roa
File: Oba1vkXkK87Fb17Xwdo5Hcim0qk.roa (raw, json)
Hash identifier: w3Ie3+zVwLf4r2tNZqlS62dR0KDOnvzDHIeZERpOTso=
Subject key identifier: 39:B6:B5:BE:45:E4:2B:CE:C5:6F:5E:D7:C1:DA:39:1D:C8:A6:D2:A9
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0195273DE5DC2883629D758465F3CC566E28
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Oba1vkXkK87Fb17Xwdo5Hcim0qk.roa
Signing time: Fri 21 Feb 2025 06:42:02 +0000
ROA not before: Fri 21 Feb 2025 06:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a09:6280:b::/48 maxlen: 48
2a12:a345::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:3d:e5:dc:28:83:62:9d:75:84:65:f3:cc:56:6e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 21 06:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39b6b5be45e42bcec56f5ed7c1da391dc8a6d2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:9d:79:ea:b6:a3:60:12:84:40:8d:52:71:
e4:fc:bf:89:8a:45:53:79:57:f6:d4:10:22:bf:dd:
55:f2:83:de:b0:d0:af:38:ec:0f:14:28:94:69:2b:
a1:1d:f8:2d:bd:f5:70:cf:a7:03:7e:59:fc:ed:8c:
cc:da:87:55:93:80:62:ac:ca:df:9a:a2:50:72:0e:
81:33:7d:81:2e:a5:0a:2e:36:bb:ed:89:5a:ec:35:
c5:8e:3a:fc:78:9e:40:ac:cd:77:23:c1:c0:b3:7d:
0c:7d:8b:b6:3c:0f:0d:91:0b:7f:f5:6b:28:4b:90:
59:e7:dd:a5:7d:18:7d:70:a2:e3:ae:2e:9e:8a:37:
05:01:e6:6f:94:2f:71:a2:5d:42:0d:5f:2e:99:f0:
7a:49:72:0b:e6:12:63:99:79:bc:60:ef:91:8c:68:
f8:7b:33:d0:d6:39:8a:75:e8:43:86:7c:64:37:c9:
47:d5:68:a7:de:54:1a:95:b3:e0:45:2b:08:bd:bb:
c1:ca:75:92:0a:bc:e8:be:a8:0b:1b:dc:2a:36:9b:
fe:66:3e:eb:4c:8c:a7:e0:76:29:e9:bb:1f:8d:9d:
2b:a9:db:70:0c:9c:fb:dd:8d:ff:ca:2e:5c:97:a8:
fc:3f:39:7a:68:79:2e:8c:a2:f9:f8:bc:ca:78:e9:
7e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B6:B5:BE:45:E4:2B:CE:C5:6F:5E:D7:C1:DA:39:1D:C8:A6:D2:A9
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Oba1vkXkK87Fb17Xwdo5Hcim0qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6280:b::/48
2a12:a345::/32
Signature Algorithm: sha256WithRSAEncryption
32:13:39:b4:10:b0:1b:d8:b1:9d:b6:6e:74:8f:46:a5:e7:32:
94:fd:95:f8:96:ea:3a:24:65:6c:52:93:6f:82:0b:26:7c:91:
c4:b9:8d:4b:d6:de:8e:94:21:41:d7:27:cd:a0:bf:de:c8:8f:
f4:50:1f:bf:f7:d2:dd:98:96:d8:4a:0b:5a:8e:b1:f2:e8:ca:
53:e6:d1:a5:de:b1:8e:80:11:c0:b9:ca:0f:7d:45:f4:40:5f:
97:9c:f4:cb:f8:ba:92:e5:f3:87:02:cf:7e:21:0c:26:e1:9e:
1d:39:4f:95:0a:0b:fb:5c:6d:8b:61:72:a3:e0:0f:6e:64:42:
69:be:a6:56:6b:d5:b2:7a:e1:a7:49:b3:dc:34:e0:7d:51:b8:
8d:27:3f:61:48:a3:92:a2:b1:4a:cd:7d:02:36:a6:91:38:4f:
fb:44:f7:28:01:42:67:71:b6:e1:e7:74:50:b1:b5:15:ae:4b:
c7:eb:7f:ba:72:e6:66:11:ee:8c:88:c8:18:a7:b6:7c:2a:37:
30:4e:c7:d8:b0:40:b6:ad:29:75:5f:e0:d9:67:de:fe:e5:df:
77:4a:ef:3d:40:88:69:69:fb:c1:3b:ba:30:5d:50:2f:2c:5b:
4f:7d:04:ad:c2:47:b2:66:a3:af:60:ba:d2:91:22:f5:6c:2c:
3c:63:37:02
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZUnPeXcKINinXWEZfPMVm4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMjIxMDY0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWI2YjViZTQ1ZTQyYmNlYzU2ZjVlZDdjMWRhMzkxZGM4YTZkMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPOdeeq2o2AShECNUnHk/L+JikVT
eVf21BAiv91V8oPesNCvOOwPFCiUaSuhHfgtvfVwz6cDfln87YzM2odVk4BirMrf
mqJQcg6BM32BLqUKLja77Yla7DXFjjr8eJ5ArM13I8HAs30MfYu2PA8NkQt/9Wso
S5BZ592lfRh9cKLjri6eijcFAeZvlC9xol1CDV8umfB6SXIL5hJjmXm8YO+RjGj4
ezPQ1jmKdehDhnxkN8lH1Win3lQalbPgRSsIvbvBynWSCrzovqgLG9wqNpv+Zj7r
TIyn4HYp6bsfjZ0rqdtwDJz73Y3/yi5cl6j8Pzl6aHkujKL5+LzKeOl+HQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDm2tb5F5CvOxW9e18HaOR3IptKpMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvT2JhMXZrWGtLODdGYjE3WHdkbzVIY2ltMHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKgligAAL
AwUAKhKjRTANBgkqhkiG9w0BAQsFAAOCAQEAMhM5tBCwG9ixnbZudI9GpecylP2V
+JbqOiRlbFKTb4ILJnyRxLmNS9bejpQhQdcnzaC/3siP9FAfv/fS3ZiW2EoLWo6x
8ujKU+bRpd6xjoARwLnKD31F9EBfl5z0y/i6kuXzhwLPfiEMJuGeHTlPlQoL+1xt
i2Fyo+APbmRCab6mVmvVsnrhp0mz3DTgfVG4jSc/YUijkqKxSs19AjamkThP+0T3
KAFCZ3G24ed0ULG1Fa5Lx+t/unLmZhHujIjIGKe2fCo3ME7H2LBAtq0pdV/g2Wfe
/uXfd0rvPUCIaWn7wTu6MF1QLyxbT30ErcJHsmajr2C60pEi9WwsPGM3Ag==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:15 2025 by rpki-client